I agree MVC is just a Design Pattern, it provides for seperation of
application tiers,
seperation of presentation from logic etc...Model - View - Controller.
About 75% of the applications out there implement a "Security Model" and
lets say
the application uses an MVC.
How does the Security tie with the MVC? Or should it not?
Logically the Controller can intercept the request and ask a Security Module
for Permission
before allowing access to execute an event/action.
If the above is the case, would you manipulate the controller to implement
security?
What if only 60% of the application is secure? How would you implement that?
Perhaps "Security" can be handled independent of the MVC, but how?
If it can be done, will you require all modules to implement security?
Is Decentralized Security a clean approach?
Joe Eugene
----- Original Message -----
From: "Sean Corfield" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Monday, July 19, 2004 2:19 PM
Subject: Re: MAX 2004 (MVC's Session)
> > e.g. I dont know of any MVC's that provide a Security Module by default.
>
> MVC is "just" a design pattern. How would it provide a "Security
> Module by default" since it is just a pattern? I think you're
> confusing MVC with something else (but I can't really understand what,
> based on the questions in your post).
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
